package service.impl;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import pageModel.Permission;
import pageModel.User;
import service.PermissionServiceI;
import service.UserServiceI;
@Service("shiroRealmService")
public class ShiroRealmServiceImpl extends AuthorizingRealm {
private UserServiceI userService;
private PermissionServiceI permissionService;
public UserServiceI getUserService() {
	return userService;
}
@Autowired
public void setUserService(UserServiceI userService) {
	this.userService = userService;
}
  
public PermissionServiceI getPermissionService() {
	return permissionService;
}
@Autowired
public void setPermissionService(PermissionServiceI permissionService) {
	this.permissionService = permissionService;
}
@Transactional
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // 根据用户配置用户与权限
    if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }
    String name = (String) getAvailablePrincipal(principals);
    List<String> roles = new ArrayList<String>();
    // 简单默认一个用户与角色，实际项目应User user = userService.getByAccount(name);
    User user = userService.findByLogname(name);
    if (user.getLogname().equals(name)) {
      if (user.getTrole() != null) {
        roles.add(user.getTrole().getRolename());
      }
    } else {
      throw new AuthorizationException();
    }
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 增加角色
    info.addRoles(roles);
    List<Permission> permissions = permissionService.showPermission(user.getTrole().getId());
    if(permissions!=null){
    	for(int i=0;i<permissions.size();i++){
    		info.addStringPermission(permissions.get(i).getPermcode());
    	}
    }
    return info;
  }
@Transactional
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
      throws AuthenticationException {
      UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    User user = userService.findByLogname(token.getUsername());
    if (user == null) {
       throw new AuthorizationException();
     }
    SimpleAuthenticationInfo info = null;
    if (user.getLogname().equals(token.getUsername())) {
      Session session =SecurityUtils.getSubject().getSession();
      session.setAttribute("user", user);
      info = new SimpleAuthenticationInfo(user.getLogname(), user.getPwd(), getName());
    }
    return info;
  }
}